share: builder.WriteSequenceLen needs bounds checks for .rawShareData lest encounter a panic; perhaps add a validation to fail on immediate constructor invocation

[odeke-em]

Summary of Bug

This code

go-square/share/share_builder.go

Lines 159 to 164 in f0bf090

	sequenceLenBuf := make([]byte, SequenceLenBytes)
	binary.BigEndian.PutUint32(sequenceLenBuf, sequenceLen)
	for i := 0; i < SequenceLenBytes; i++ {
	b.rawShareData[NamespaceSize+ShareInfoBytes+i] = sequenceLenBuf[i]
	}

panics when given a rawShareData length of 5 bytes and WriteSequenceLen is invoked with sequenceLen>=1

Found during fuzzing

fuzz: elapsed: 0s, gathering baseline coverage: 0/1 completed
failure while testing seed corpus entry: FuzzGenerateSubtreeRoots/seed#0
fuzz: elapsed: 0s, gathering baseline coverage: 0/1 completed
--- FAIL: FuzzGenerateSubtreeRoots (0.08s)
    --- FAIL: FuzzGenerateSubtreeRoots (0.00s)
        testing.go:1590: panic: runtime error: index out of range [30] with length 5
            goroutine 18 [running]:
            runtime/debug.Stack()
            	/home/emmanuel/go/pkg/mod/golang.org/[email protected]/src/runtime/debug/stack.go:24 +0x9b
            testing.tRunner.func1()
            	/home/emmanuel/go/pkg/mod/golang.org/[email protected]/src/testing/testing.go:1590 +0x1c8
            panic({0x913b80?, 0xc00001c3d8?})
            	/home/emmanuel/go/pkg/mod/golang.org/[email protected]/src/runtime/panic.go:770 +0x132
            github.com/celestiaorg/go-square/v2/share.(*builder).WriteSequenceLen(...)
            	/home/emmanuel/go/src/github.com/celestiaorg/go-square/share/share_builder.go:164
            github.com/celestiaorg/go-square/v2/share.(*SparseShareSplitter).Write(0xc0001795b0, 0xc0001004b0)
            	/home/emmanuel/go/src/github.com/celestiaorg/go-square/share/split_sparse_shares.go:35 +0xecd
            github.com/celestiaorg/go-square/v2/inclusion.splitBlobs({0xc0001796f8, 0x1, 0xc000179658?})
            	/home/emmanuel/go/src/github.com/celestiaorg/go-square/inclusion/commitment.go:127 +0xc8
            github.com/celestiaorg/go-square/v2/inclusion.GenerateSubtreeRoots(0xc0001004b0, 0x40)
            	/home/emmanuel/go/src/github.com/celestiaorg/go-square/inclusion/commitment.go:31 +0x73
            github.com/celestiaorg/go-square/v2/inclusion_test.FuzzGenerateSubtreeRoots.func1(0x0?, {0xc00001c3c0, 0x13, 0x18})
            	/home/emmanuel/go/src/github.com/celestiaorg/go-square/inclusion/fuzz_test.go:79 +0x68
            reflect.Value.call({0x8c8160?, 0x966f50?, 0x13?}, {0x9366a4, 0x4}, {0xc00010dc80, 0x2, 0x2?})
            	/home/emmanuel/go/pkg/mod/golang.org/[email protected]/src/reflect/value.go:596 +0xca6
            reflect.Value.Call({0x8c8160?, 0x966f50?, 0x55da8d?}, {0xc00010dc80?, 0x935bc0?, 0xf?})
            	/home/emmanuel/go/pkg/mod/golang.org/[email protected]/src/reflect/value.go:380 +0xb9
            testing.(*F).Fuzz.func1.1(0xc000148d00?)
            	/home/emmanuel/go/pkg/mod/golang.org/[email protected]/src/testing/fuzz.go:335 +0x325
            testing.tRunner(0xc000148d00, 0xc000174480)
            	/home/emmanuel/go/pkg/mod/golang.org/[email protected]/src/testing/testing.go:1689 +0xfb
            created by testing.(*F).Fuzz.func1 in goroutine 6
            	/home/emmanuel/go/pkg/mod/golang.org/[email protected]/src/testing/fuzz.go:322 +0x574

Version

f0bf090

Steps to Reproduce

Described above.

Kindly cc-ing @walldiss @Wondertan @cristaloleg

For Admin Use

• Not duplicate issue
• Appropriate labels applied
• Appropriate contributors tagged
• Contributor assigned/self-assigned